Search criteria
3 vulnerabilities found for atune by huawei
FKIE_CVE-2021-33658
Vulnerability from fkie_nvd - Published: 2022-03-11 18:15 - Updated: 2025-04-02 18:33
Severity ?
Summary
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:atune:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA36E70-77F8-4F72-9382-A10ADB5FF687",
"versionEndIncluding": "0.8",
"versionStartIncluding": "0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openatom:openeuler:20.03:sp1:*:*:lts:*:*:*",
"matchCriteriaId": "464D2E5A-0D36-4893-85A4-2267AE0333DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openatom:openeuler:20.03:sp2:*:*:lts:*:*:*",
"matchCriteriaId": "EC27F5E3-893E-4A96-91C3-4B716457172C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openatom:openeuler:20.03:sp3:*:*:lts:*:*:*",
"matchCriteriaId": "A98D36A4-869D-4F90-9434-599915671828",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
},
{
"lang": "es",
"value": "atune versiones anteriores a 0.3-0.8, es registrado como un usuario local y ejecuta el comando curl para acceder a la interfaz url local de atune para escalar el privilegio local o modificar cualquier archivo. La autenticaci\u00f3n no est\u00e1 habilitada a la fuerza en la configuraci\u00f3n por defecto"
}
],
"id": "CVE-2021-33658",
"lastModified": "2025-04-02T18:33:53.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-11T18:15:21.320",
"references": [
{
"source": "securities@openeuler.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"sourceIdentifier": "securities@openeuler.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-33658 (GCVE-0-2021-33658)
Vulnerability from cvelistv5 – Published: 2022-03-11 17:54 – Updated: 2024-08-03 23:58
VLAI?
Summary
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:22.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "atune",
"vendor": "openEuler",
"versions": [
{
"status": "affected",
"version": "0.3-0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:21",
"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"shortName": "openEuler"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "securities@openeuler.org",
"ID": "CVE-2021-33658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "atune",
"version": {
"version_data": [
{
"version_value": "0.3-0.8"
}
]
}
}
]
},
"vendor_name": "openEuler"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541",
"refsource": "CONFIRM",
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"assignerShortName": "openEuler",
"cveId": "CVE-2021-33658",
"datePublished": "2022-03-11T17:54:21",
"dateReserved": "2021-05-28T00:00:00",
"dateUpdated": "2024-08-03T23:58:22.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33658 (GCVE-0-2021-33658)
Vulnerability from nvd – Published: 2022-03-11 17:54 – Updated: 2024-08-03 23:58
VLAI?
Summary
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:22.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "atune",
"vendor": "openEuler",
"versions": [
{
"status": "affected",
"version": "0.3-0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:21",
"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"shortName": "openEuler"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "securities@openeuler.org",
"ID": "CVE-2021-33658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "atune",
"version": {
"version_data": [
{
"version_value": "0.3-0.8"
}
]
}
}
]
},
"vendor_name": "openEuler"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541",
"refsource": "CONFIRM",
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"assignerShortName": "openEuler",
"cveId": "CVE-2021-33658",
"datePublished": "2022-03-11T17:54:21",
"dateReserved": "2021-05-28T00:00:00",
"dateUpdated": "2024-08-03T23:58:22.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}